IN THE CLAIMS

Please amend the claims as follows:

1. (Currently Amended) A method of providing transport-independent secure
communications in a computer network, comprising the steps of:

receiving application data at an upper connection layer of a protocol stack, the application
data received from an application; 

passing the application data from the upper connection layer to a security layer; 
encrypting the application data within the security layer; 

passing the encrypted application data from the security layer to a lower connection layer
of the protocol stack; and

sending the encrypted application data from the lower connection layer out a network
connection; 

wherein the application is not required to perform security handshakes in order to send encrypted 
application data over the network, the connection layers support at least one network transport 
protocol, and the security layer is not specific to that transport protocol. 

2. (Original) The method of claim 1, further comprising the steps of receiving at the
lower connection layer encrypted application data which came in at the network connection; 
passing the encrypted application data from the lower connection layer to the security layer; 
decrypting the application data within the security layer; passing the decrypted application data 
from the security layer to the upper connection layer; and sending the decrypted application data 
from the upper connection layer to the application, without requiring that the application perform 
a security handshake. 

3. (Original) The method of claim 1, further comprising the step of the lower
connection layer establishing a connection with a handshake mode that is at least one of an
interactive mode and a blind-root-accept mode.

4. (Original) The method of claim 1, further comprising the step of the lower
connection layer establishing a connection with a handshake mode that is at least one of a server 
mode, a client mode, and a server with client authentication enabled mode. 

5. (Original) The method of claim 1, further comprising the step of changing a list of
trusted roots for the secure connection. 



6. (Original) The method of claim 1, further comprising the step of the security layer 
informing at least one of the connection layers of security handshake proceedings. 

7. (Currently Amended) A system for secure computer networking, comprising: 

an application which is free of code for performing security procedure handshakes for 
secure network communications; 

at least one connection layer interfaced with the application, the connection layer 
comprising an upper connection layer associated with a protocol stack and a lower connection 
layer associated with the protocol stack, the connection layers comprising code for performing at
least one network transport protocol; and 

a security layer callable from the connection layer rather than the application, the security 
layer comprising code for performing security procedure handshakes for secure network 
communications, the security layer also comprising code for encrypting and decrypting 
application data. 

8. (Original) The system of claim 7, wherein the connection layers comprise code for 
performing a WinSock network transport protocol. 

9. (Original) The system of claim 7, wherein the security layer comprises code for 
performing security procedure handshakes for a Secure Sockets Layer session. 



10. (Original) The system of claim 7, wherein the security layer comprises code for 
performing security procedure handshakes for a Transport Layer Security session.

11. (Original) The system of claim 7, wherein the application comprises code for
providing Lightweight Directory Access Protocol services.

12. (Original) The system of claim 7, comprising a means for the security layer and at
least one of the connection layers to identify a particular application and its cryptographic 
properties. 

13. (Original) The system of claim 7, comprising a means for the security layer and at 
least one of the connection layers to identify a function as a call back function. 

14. (Original) The system of claim 7, comprising a means for establishing a secure 
connection using a specified handshake mode. 

15. (Original) The system of claim 7, further comprising a legacy application which 
performs security handshakes, and a security module supporting a secure connection to the 
legacy application. 

16. (Currently Amended) A configured storage medium embodying data and instructions 
readable by a computer to perform a method of processing application data for secure network 
communications, the method comprising the computer-implemented steps of: 

at a security layer, receiving a request from a lower connection layer of a protocol stack 
to establish a secure connection; 

in response, utilizing a means for establishing a connection to establish the requested 
connection; and 

at the security layer, receiving encrypted application data from the lower connection 
layer, decrypting the application data, and passing the decrypted application data to an upper 
connection layer of the protocol stack;

whereby an application receives the decrypted application data without being required to perform 
security procedure handshakes for secure network communications.

17. (Original) The configured storage medium of claim 16, wherein the means for
establishing a connection establishes a Secure Sockets Layer connection.

18. (Original) The configured storage medium of claim 16, wherein the method further
comprises receiving the encrypted application data at the lower connection layer using a
transport model.

19. (Currently Amended) The configured storage medium of claim 18, wherein the lower
connection layer uses a Novell proxy transport model.



20. (Original) The configured storage medium of claim 16, further comprising a signal 
embodied in the computer, the signal comprising a secure network communications protocol 
stack interface which is callable from at least the lower connection layer. 



